Menu
Close
AC.L1-3.1.1 AUTHORIZED ACCESS CONTROL
AC.L1-3.1.2 TRANSACTION & FUNCTION CONTROL
AC.L1-3.1.20 EXTERNAL CONNECTIONS
AC.L1-3.1.22 CONTROL PUBLIC INFORMATION
AC.L2-3.1.10 – SESSION LOCK
AC.L2-3.1.11 – SESSION TERMINATION
AC.L2-3.1.12 – CONTROL REMOTE ACCESS
AC.L2-3.1.13 – REMOTE ACCESS CONFIDENTIALITY
AC.L2-3.1.14 – REMOTE ACCESS ROUTING
AC.L2-3.1.15 – PRIVILEGED REMOTE ACCESS
AC.L2-3.1.16 – WIRELESS ACCESS AUTHORIZATION
AC.L2-3.1.17 – WIRELESS ACCESS PROTECTION
AC.L2-3.1.18 – MOBILE DEVICE CONNECTION
AC.L2-3.1.19 – ENCRYPT CUI ON MOBILE
AC.L2-3.1.21 – PORTABLE STORAGE USE
AC.L2-3.1.3 – CONTROL CUI FLOW Discussions
AC.L2-3.1.4 – SEPARATION OF DUTIES
AC.L2-3.1.5 – LEAST PRIVILEGE
AC.L2-3.1.6 – NON-PRIVILEGED ACCOUNT USE
AC.L2-3.1.7 – PRIVILEGED FUNCTIONS
AC.L2-3.1.8 – UNSUCCESSFUL LOGON ATTEMPTS
AC.L2-3.1.9 – PRIVACY & SECURITY NOTICES
Appeals Page
Assessment Dashboard page
AT.L2-3.2.1 – ROLE-BASED RISK AWARENESS
AT.L2-3.2.2 – ROLE-BASED TRAINING
AT.L2-3.2.3 – INSIDER THREAT AWARENESS
AU.L2-3.3.1 – SYSTEM AUDITING
AU.L2-3.3.2 – USER ACCOUNTABILITY
AU.L2-3.3.3 – EVENT REVIEW
AU.L2-3.3.4 – AUDIT FAILURE ALERTING
AU.L2-3.3.5 – AUDIT CORRELATION
AU.L2-3.3.6 – REDUCTION & REPORTING
AU.L2-3.3.7 – AUTHORITATIVE TIME SOURCE
AU.L2-3.3.8 – AUDIT PROTECTION
AU.L2-3.3.9 – AUDIT MANAGEMENT
Audit Log
Branding page
Business Partners
CA.L2-3.12.1 – SECURITY CONTROL ASSESSMENT
CA.L2-3.12.2 – PLAN OF ACTION
CA.L2-3.12.3 – SECURITY CONTROL MONITORING
CA.L2-3.12.4 – SYSTEM SECURITY PLAN
CM.L2-3.4.1 – SYSTEM BASELINING
CM.L2-3.4.2 – SECURITY CONFIGURATION ENFORCEMENT
CM.L2-3.4.3 – SYSTEM CHANGE MANAGEMENT
CM.L2-3.4.4 – SECURITY IMPACT ANALYSIS
CM.L2-3.4.5 – ACCESS RESTRICTIONS FOR CHANGE
CM.L2-3.4.6 – LEAST FUNCTIONALITY
CM.L2-3.4.7 – NONESSENTIAL FUNCTIONALITY
CM.L2-3.4.8 – APPLICATION EXECUTION POLICY
CM.L2-3.4.9 – USER-INSTALLED SOFTWARE
Common Controls
Conditional Output
Configuration Landing Page
Consent Landing
Consent Landing
Consumer Data Privacy Request Page
Consumer Search
Cookie Consent
Custom Content
Dashboard page
Data Privacy Assessments
Data Settings
Document Consent
Domain and Email Ban List
Egnyte Authentication
Email Templates
Feature Disabled
Framework Assessments
IA.L1-3.5.1 – IDENTIFICATION
IA.L1-3.5.2 – AUTHENTICATION
IA.L2-3.5.10 – CRYPTOGRAPHICALLY-PROTECTED PASSWORDS
IA.L2-3.5.11 – OBSCURE FEEDBACK
IA.L2-3.5.3 – MULTIFACTOR AUTHENTICATION
IA.L2-3.5.4 – REPLAY-RESISTANT AUTHENTICATION
IA.L2-3.5.5 – IDENTIFIER REUSE
IA.L2-3.5.6 – IDENTIFIER HANDLING
IA.L2-3.5.7 – PASSWORD COMPLEXITY
IA.L2-3.5.8 – PASSWORD REUSE
IA.L2-3.5.9 – TEMPORARY PASSWORDS
IR.L2-3.6.1 – INCIDENT HANDLING
IR.L2-3.6.2 – INCIDENT REPORTING
IR.L2-3.6.3 – INCIDENT RESPONSE TESTING
Language Support
MA.L2-3.7.1 – PERFORM MAINTENANCE
MA.L2-3.7.2 – SYSTEM MAINTENANCE CONTROL
MA.L2-3.7.3 – EQUIPMENT SANITIZATION
MA.L2-3.7.4 – MEDIA INSPECTION
MA.L2-3.7.5 – NONLOCAL MAINTENANCE
MA.L2-3.7.6 – MAINTENANCE PERSONNEL
MP.L1-3.8.3 – MEDIA DISPOSAL
MP.L2-3.8.1 – MEDIA PROTECTION
MP.L2-3.8.2 – MEDIA ACCESS
MP.L2-3.8.4 – MEDIA MARKINGS
MP.L2-3.8.5 – MEDIA ACCOUNTABILITY
MP.L2-3.8.6 – PORTABLE STORAGE ENCRYPTION
MP.L2-3.8.7 – REMOVEABLE MEDIA
MP.L2-3.8.8 – SHARED MEDIA
MP.L2-3.8.9 – PROTECT BACKUPS
PE.L1-3.10.1 – LIMIT PHYSICAL ACCESS
PE.L1-3.10.3 – ESCORT VISITORS
PE.L1-3.10.4 – PHYSICAL ACCESS LOGS
PE.L1-3.10.5 – MANAGE PHYSICAL ACCESS
PE.L2-3.10.2 – MONITOR FACILITY
PE.L2-3.10.6 – ALTERNATIVE WORK SITES
Privacy Center
PS.L2-3.9.1 – SCREEN INDIVIDUALS
PS.L2-3.9.2 – PERSONNEL ACTIONS
Quiklinks
RA.L2-3.11.1 – RISK ASSESSMENTS
RA.L2-3.11.2 – VULNERABILITY SCAN
RA.L2-3.11.3 – VULNERABILITY REMEDIATION
Regulations and Features
Release Notes
Request Reports page
Requests
Review
SC.L1-3.13.1 – BOUNDARY PROTECTION
SC.L1-3.13.5 – PUBLIC-ACCESS SYSTEM SEPARATION
SC.L2-3.13.10 – KEY MANAGEMENT
SC.L2-3.13.11 – CUI ENCRYPTION
SC.L2-3.13.12 – COLLABORATIVE DEVICE CONTROL
SC.L2-3.13.13 – MOBILE CODE
SC.L2-3.13.14 – VOICE OVER INTERNET PROTOCOL
SC.L2-3.13.15 – COMMUNICATIONS AUTHENTICITY
SC.L2-3.13.16 – DATA AT REST
SC.L2-3.13.2 – SECURITY ENGINEERING
SC.L2-3.13.3 – ROLE SEPARATION
SC.L2-3.13.4 – SHARED RESOURCE CONTROL
SC.L2-3.13.6 – NETWORK COMMUNICATION BY EXCEPTION
SC.L2-3.13.7 – SPLIT TUNNELING
SC.L2-3.13.8 – DATA IN TRANSIT
SC.L2-3.13.9 – CONNECTIONS TERMINATION
Scramble page
SI.L1-3.14.1 – FLAW REMEDIATION
SI.L1-3.14.2 – MALICIOUS CODE PROTECTION
SI.L1-3.14.4 – UPDATE MALICIOUS CODE PROTECTION
SI.L1-3.14.5 – SYSTEM & FILE SCANNING
SI.L2-3.14.3 – SECURITY ALERTS & ADVISORIES
SI.L2-3.14.6 – MONITOR COMMUNICATIONS FOR ATTACKS
SI.L2-3.14.7 – IDENTIFY UNAUTHORIZED USE
SSO Settings
Systems
Tasks
User Roles and Permissions
Users
Verification Questions
Skip to content
Truyo Releases
Truyo Data Privacy
AC.L1-3.1.1 AUTHORIZED ACCESS CONTROL
AC.L1-3.1.2 TRANSACTION & FUNCTION CONTROL
AC.L1-3.1.20 EXTERNAL CONNECTIONS
AC.L1-3.1.22 CONTROL PUBLIC INFORMATION
AC.L2-3.1.10 – SESSION LOCK
AC.L2-3.1.11 – SESSION TERMINATION
AC.L2-3.1.12 – CONTROL REMOTE ACCESS
AC.L2-3.1.13 – REMOTE ACCESS CONFIDENTIALITY
AC.L2-3.1.14 – REMOTE ACCESS ROUTING
AC.L2-3.1.15 – PRIVILEGED REMOTE ACCESS
AC.L2-3.1.16 – WIRELESS ACCESS AUTHORIZATION
AC.L2-3.1.17 – WIRELESS ACCESS PROTECTION
AC.L2-3.1.18 – MOBILE DEVICE CONNECTION
AC.L2-3.1.19 – ENCRYPT CUI ON MOBILE
AC.L2-3.1.21 – PORTABLE STORAGE USE
AC.L2-3.1.3 – CONTROL CUI FLOW Discussions
AC.L2-3.1.4 – SEPARATION OF DUTIES
AC.L2-3.1.5 – LEAST PRIVILEGE
AC.L2-3.1.6 – NON-PRIVILEGED ACCOUNT USE
AC.L2-3.1.7 – PRIVILEGED FUNCTIONS
AC.L2-3.1.8 – UNSUCCESSFUL LOGON ATTEMPTS
AC.L2-3.1.9 – PRIVACY & SECURITY NOTICES
Appeals Page
Assessment Dashboard page
AT.L2-3.2.1 – ROLE-BASED RISK AWARENESS
AT.L2-3.2.2 – ROLE-BASED TRAINING
AT.L2-3.2.3 – INSIDER THREAT AWARENESS
AU.L2-3.3.1 – SYSTEM AUDITING
AU.L2-3.3.2 – USER ACCOUNTABILITY
AU.L2-3.3.3 – EVENT REVIEW
AU.L2-3.3.4 – AUDIT FAILURE ALERTING
AU.L2-3.3.5 – AUDIT CORRELATION
AU.L2-3.3.6 – REDUCTION & REPORTING
AU.L2-3.3.7 – AUTHORITATIVE TIME SOURCE
AU.L2-3.3.8 – AUDIT PROTECTION
AU.L2-3.3.9 – AUDIT MANAGEMENT
Audit Log
Branding page
Business Partners
CA.L2-3.12.1 – SECURITY CONTROL ASSESSMENT
CA.L2-3.12.2 – PLAN OF ACTION
CA.L2-3.12.3 – SECURITY CONTROL MONITORING
CA.L2-3.12.4 – SYSTEM SECURITY PLAN
CM.L2-3.4.1 – SYSTEM BASELINING
CM.L2-3.4.2 – SECURITY CONFIGURATION ENFORCEMENT
CM.L2-3.4.3 – SYSTEM CHANGE MANAGEMENT
CM.L2-3.4.4 – SECURITY IMPACT ANALYSIS
CM.L2-3.4.5 – ACCESS RESTRICTIONS FOR CHANGE
CM.L2-3.4.6 – LEAST FUNCTIONALITY
CM.L2-3.4.7 – NONESSENTIAL FUNCTIONALITY
CM.L2-3.4.8 – APPLICATION EXECUTION POLICY
CM.L2-3.4.9 – USER-INSTALLED SOFTWARE
Common Controls
Conditional Output
Configuration Landing Page
Consent Landing
Consent Landing
Consumer Data Privacy Request Page
Consumer Search
Cookie Consent
Custom Content
Dashboard page
Data Privacy Assessments
Data Settings
Document Consent
Domain and Email Ban List
Egnyte Authentication
Email Templates
Feature Disabled
Framework Assessments
IA.L1-3.5.1 – IDENTIFICATION
IA.L1-3.5.2 – AUTHENTICATION
IA.L2-3.5.10 – CRYPTOGRAPHICALLY-PROTECTED PASSWORDS
IA.L2-3.5.11 – OBSCURE FEEDBACK
IA.L2-3.5.3 – MULTIFACTOR AUTHENTICATION
IA.L2-3.5.4 – REPLAY-RESISTANT AUTHENTICATION
IA.L2-3.5.5 – IDENTIFIER REUSE
IA.L2-3.5.6 – IDENTIFIER HANDLING
IA.L2-3.5.7 – PASSWORD COMPLEXITY
IA.L2-3.5.8 – PASSWORD REUSE
IA.L2-3.5.9 – TEMPORARY PASSWORDS
IR.L2-3.6.1 – INCIDENT HANDLING
IR.L2-3.6.2 – INCIDENT REPORTING
IR.L2-3.6.3 – INCIDENT RESPONSE TESTING
Language Support
MA.L2-3.7.1 – PERFORM MAINTENANCE
MA.L2-3.7.2 – SYSTEM MAINTENANCE CONTROL
MA.L2-3.7.3 – EQUIPMENT SANITIZATION
MA.L2-3.7.4 – MEDIA INSPECTION
MA.L2-3.7.5 – NONLOCAL MAINTENANCE
MA.L2-3.7.6 – MAINTENANCE PERSONNEL
MP.L1-3.8.3 – MEDIA DISPOSAL
MP.L2-3.8.1 – MEDIA PROTECTION
MP.L2-3.8.2 – MEDIA ACCESS
MP.L2-3.8.4 – MEDIA MARKINGS
MP.L2-3.8.5 – MEDIA ACCOUNTABILITY
MP.L2-3.8.6 – PORTABLE STORAGE ENCRYPTION
MP.L2-3.8.7 – REMOVEABLE MEDIA
MP.L2-3.8.8 – SHARED MEDIA
MP.L2-3.8.9 – PROTECT BACKUPS
PE.L1-3.10.1 – LIMIT PHYSICAL ACCESS
PE.L1-3.10.3 – ESCORT VISITORS
PE.L1-3.10.4 – PHYSICAL ACCESS LOGS
PE.L1-3.10.5 – MANAGE PHYSICAL ACCESS
PE.L2-3.10.2 – MONITOR FACILITY
PE.L2-3.10.6 – ALTERNATIVE WORK SITES
Privacy Center
PS.L2-3.9.1 – SCREEN INDIVIDUALS
PS.L2-3.9.2 – PERSONNEL ACTIONS
Quiklinks
RA.L2-3.11.1 – RISK ASSESSMENTS
RA.L2-3.11.2 – VULNERABILITY SCAN
RA.L2-3.11.3 – VULNERABILITY REMEDIATION
Regulations and Features
Release Notes
Request Reports page
Requests
Review
SC.L1-3.13.1 – BOUNDARY PROTECTION
SC.L1-3.13.5 – PUBLIC-ACCESS SYSTEM SEPARATION
SC.L2-3.13.10 – KEY MANAGEMENT
SC.L2-3.13.11 – CUI ENCRYPTION
SC.L2-3.13.12 – COLLABORATIVE DEVICE CONTROL
SC.L2-3.13.13 – MOBILE CODE
SC.L2-3.13.14 – VOICE OVER INTERNET PROTOCOL
SC.L2-3.13.15 – COMMUNICATIONS AUTHENTICITY
SC.L2-3.13.16 – DATA AT REST
SC.L2-3.13.2 – SECURITY ENGINEERING
SC.L2-3.13.3 – ROLE SEPARATION
SC.L2-3.13.4 – SHARED RESOURCE CONTROL
SC.L2-3.13.6 – NETWORK COMMUNICATION BY EXCEPTION
SC.L2-3.13.7 – SPLIT TUNNELING
SC.L2-3.13.8 – DATA IN TRANSIT
SC.L2-3.13.9 – CONNECTIONS TERMINATION
Scramble page
SI.L1-3.14.1 – FLAW REMEDIATION
SI.L1-3.14.2 – MALICIOUS CODE PROTECTION
SI.L1-3.14.4 – UPDATE MALICIOUS CODE PROTECTION
SI.L1-3.14.5 – SYSTEM & FILE SCANNING
SI.L2-3.14.3 – SECURITY ALERTS & ADVISORIES
SI.L2-3.14.6 – MONITOR COMMUNICATIONS FOR ATTACKS
SI.L2-3.14.7 – IDENTIFY UNAUTHORIZED USE
SSO Settings
Systems
Tasks
User Roles and Permissions
Users
Verification Questions
Month:
March 2022
New Release
CMMC Release Notes Info about release
Read More
